<?php
class DiscussionsController extends AppController {
    public function isAuthorized($user) {
        $this->loadModel('User');
        $this->User->id = $user['id'];
        $this->User->unbindModel(array('hasMany' => array('Test')));
        $role = $this->User->read('role');
        if($role['User']['role'] == 'none') {
            if(in_array($this->action, array('add', 'edit', 'delete'))) {
                return true;
            }
        }
        if($role['User']['role'] == 'admin') {
            if(in_array($this->action, array('add', 'edit', 'delete'))) {
                return true;
            }
        }
    }
    public function add($id){
        $this->loadModel('Test');
        $this->Test->id = $id;
        if($this->Test->exists()) {
            if($this->request->is('post')) {
                $this->request->data['Discussion']['test_id'] = $id;
                $this->request->data['Discussion']['user_id'] = $this->Auth->user('id');
                if($this->Discussion->save($this->request->data)) {
                    $this->redirect(array('controller' => 'tests', 'action' => 'view', $id));
                } else {
                    $this->redirect(array('controller' => 'tests', 'action' => 'view', $id));
                }
            }
        } else {
            $this->redirect(array('controller' => 'index'));
        }
    }
    
    public function delete($id, $disId) {
        $this->loadModel('Test');
        $this->Test->id = $id;
        if($this->Test->exists()) {
            $this->Discussion->id = $disId;
            $discussion = $this->Discussion->read();
            if($discussion['Discussion']['user_id'] == $this->Auth->user('id')) {
                if($this->Discussion->delete()) {
                    $this->redirect(array('controller' => 'tests', 'action' => 'view', $id));
                } else {
                    $this->redirect(array('controller' => 'tests', 'action' => 'view', $id));
                }
            } else {
                $this->redirect(array('controller' => 'tests', 'action' => 'view', $id));
            }
        } else {
            $this->redirect(array('controller' => 'index'));
        }
    }
    
    public function edit($id, $disId) {
        $this->set('test_id', $id);
        $this->set('discussion_id', $disId);
        $this->loadModel('Test');
        $this->Test->id = $id;
        if($this->Test->exists()) {
            $this->Discussion->id = $disId;
            if($this->Discussion->exists()) {
                $discussion = $this->Discussion->read(array('content', 'user_id'));
                if($discussion['Discussion']['user_id'] == $this->Auth->user('id') || $this->Session->read('Chomo.Current.Role') == 'admin') {
                    $this->set('discussionView', $discussion);
                    if($this->request->is('post')) {
                        if($this->Discussion->save($this->request->data, true, array('content'))) {
                            $this->redirect(array('controller' => 'tests', 'action' => 'view', $id));
                        } else {
                            $this->redirect(array('controller' => 'tests', 'action' => 'view', $id));
                        }
                    }
                } else {
                    $this->redirect(array('controller' => 'tests', 'action' => 'view', $id));
                }
            }
        } else {
            $this->redirect(array('controller' => 'index'));
        }
    }
}
?>